问题
I have a problem with my plugin when I try to use a method from service reference. I have a client that sends parameters to a web service, that then sends those parameters to my plugin, then I have to take those parameters and send them to a web service using a web reference method. To access the web service I need to use a certificate that was sing by the company that owns the last web service. The code that I use is this:
BasicHttpsBinding binding = new BasicHttpsBinding
{
Security = new BasicHttpsSecurity
{
Transport = new HttpTransportSecurity
{
ClientCredentialType = HttpClientCredentialType.Certificate
}
}
};
UploaderServiceClient client = new UploaderServiceClient(binding, new EndpointAddress(args.EndPoint));
client.ClientCredentials.ClientCertificate.SetCertificate(StoreLocation.LocaMachine, StoreName.My, X509FindType.FindBySerialNumber, args.SerialNum);
client.approveTransportDocument(appC, FileDesc);
After I use this code I get an exception:
The request was aborted: Could not create SSL/TLS secure channel.
The last web service works fine and the certificate is valid because if I use the same code on a form it works fine. EDIT: I'm adding the exception I get maybe it will help:
System.ServiceModel.Security.SecurityNegotiationException: Could not establish secure channel for SSL/TLS with authority 'imas-ws.vmi.lt'. ---> System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel. at System.Net.HttpWebRequest.GetResponse() at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout) --- End of inner exception stack trace ---
Server stack trace: at System.ServiceModel.Channels.HttpChannelUtilities.ProcessGetResponseWebException(WebException webException, HttpWebRequest request, HttpAbortReason abortReason)
at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.WaitForReply(TimeSpan timeout) at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout) at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout) at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type) at Eur_Iz.Ie.UploaderService.submitTransportDocument(TransportDocument LocalTransportDocument, FileDescription ContextInformation, AdditionalContext AdditionalContext) at Eur_Iz.Ie.UploaderServiceClient.submitTransportDocument(TransportDocument LocalTransportDocument, FileDescription ContextInformation, AdditionalContext AdditionalContext) in u:\DPb\Plns\Eur_Iz\Service References\Ie\Reference.cs:line 3295 at Eur_Iz.ClientPlugin.DataHandling(IServicePluginArgs args)
回答1:
It could be something with client certificate or server certificate. It could be trust issues (CA certificates missing at client or server).
Enabling CAPI2 log in eventlog might give you the answer why it Could not create SSL/TLS secure channel. CAPI2 log is by default disabled. When you enable it try to make the request again. There should be some error events that will contain helpful info about the cause.
回答2:
Found the answer the problem was I had to give permission for the web service to use the certificate. Heres the link that helped me: https://serverfault.com/questions/131046/how-to-grant-iis-7-5-access-to-a-certificate-in-certificate-store/132791#132791
来源:https://stackoverflow.com/questions/40672698/could-not-create-ssl-tls-secure-channel-from-plugin-to-web-service